Strong params are strong

app/controllers/articles_controller.rb

@@ -12,7 +12,7 @@ def new
   end
 
   def create
-    @article = Article.new(params[:article])
+    @article = Article.new(article_params)
     if @article.save
       flash[:notice] = "Article was created."
       redirect_to articles_path
@@ -27,7 +27,7 @@ def edit
 
   def update
     @article = Article.find params[:id]
-    if @article.update_attributes(params[:article])
+    if @article.update_attributes(article_params)
       flash[:notice] = "Article was updated."
       redirect_to article_path(@article)
     else
@@ -41,4 +41,11 @@ def destroy
     flash[:notice] = "#{article} was destroyed."
     redirect_to articles_path
   end
+
+  private
+
+  def article_params
+    params.require(:article).permit(:title, :body, :author_id)
+  end
+
 end

app/controllers/comments_controller.rb

@@ -1,8 +1,14 @@
 class CommentsController < ApplicationController
   def create
     article = Article.find(params[:comment][:article_id])
-    comment = article.comments.create(params[:comment])
+    comment = article.comments.create(comment_params)
     flash[:notice] = "Your comment was added."
     redirect_to article_path(article)
   end
+
+  private
+
+  def comment_params
+    params.require(:comment).permit(:article_id, :author_name, :body)
+  end
 end

app/models/author.rb

@@ -11,10 +11,5 @@ def self.generate_samples(count)
   def self.random
     order('RANDOM()').limit(1).first
   end
-
-  private
-
-  def person_params
-    params.require(:person).permit(:email, :name, :phone_number, :twitter, :website)
-  end
+
 end